<?php
	// Access gate for the "edit user" admin page. Both checks run before any
	// output is sent, so the redirects below can still set headers.
	session_start();

	// No admin session at all: send the visitor to the login form.
	// The exit after header() matters: without it the rest of the script would
	// still run and the page would be served alongside the redirect.
	if (!isset($_SESSION['jara_admin'])) {
		header('Location: ../login.php');
		exit;
	}

	// Slot 2 of the session permission array gates this page
	// (presumably the user-management permission; confirm where the session is populated).
	// A missing or empty slot compares equal to 0 here, so the check fails closed.
	if ($_SESSION['jara_permissions'][2] == 0) {
		header('Location: error.php');
		exit;
	}

	require_once '../include/templating_fns.php';
	require_once '../include/db_fns.php';

	jara_page_start('Edit User - Administrator CP');
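	// Target user id: arrives by GET (link to this page) or POST (hidden form field).
	// It is normalised to an integer once, because the raw request string used to be
	// interpolated into the SQL below without any escaping, and because PHP's loose
	// "== 1" test and the database's string-to-number coercion do not necessarily agree
	// on which strings mean 1. With an int, the superuser guard and the query see the same value.
	$id = isset($_REQUEST["id"]) ? (int) $_REQUEST["id"] : 0;

	// Only a POST may change data. $_REQUEST also carries query-string values, so a plain
	// link containing edit_action used to reach the UPDATE with an empty username and every
	// permission cleared.
	// NOTE(review): no anti-CSRF token is checked here and the form does not send one;
	// a per-session token verified in this branch is still needed.
	if(isset($_POST["edit_action"])) {
		try {
			// Refuse before touching any other input.
			if($id == 1) {
				throw new JaraGeneralException("You cannot edit the superuser.");
			}

			// Reject missing, non-string (username[]=...) or empty usernames instead of
			// writing an empty value into the table.
			$username = isset($_POST["username"]) ? $_POST["username"] : "";
			if(!is_string($username) || $username === "") {
				throw new JaraGeneralException("A username is required.");
			}

			// The password is only read when the admin ticked "set_password"; an empty
			// value would otherwise store the hash of the empty string.
			$change_password = isset($_POST["set_password"]);
			$password = isset($_POST["password"]) ? $_POST["password"] : "";
			if($change_password && (!is_string($password) || $password === "")) {
				throw new JaraGeneralException("A new password is required when changing the password.");
			}

			// get_magic_quotes_gpc() no longer exists in PHP 8, so calling it
			// unconditionally is a fatal error there; treat "missing" as "off".
			$quotes_on = function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc();
			if(!$quotes_on) {
				// NOTE(review): addslashes() is not aware of the connection character set.
				// jara_db_query() is only seen taking a finished SQL string, so the escaping
				// stays as it was; a bound-parameter or connection-aware escape in
				// db_fns.php is the proper fix.
				$username = addslashes($username);
				if($change_password) {
					$password = addslashes($password);
				}
			}

			// Unticked checkboxes are simply absent from the POST body.
			$p1 = isset($_POST["permission_posts"]) ? 1 : 0;
			$p2 = isset($_POST["permission_pages"]) ? 1 : 0;
			$p3 = isset($_POST["permission_users"]) ? 1 : 0;
			$p4 = isset($_POST["permission_upload"]) ? 1 : 0;

			$set = "username = '$username'";
			if($change_password) {
				// NOTE(review): unsalted SHA-1 is a fast hash and unsuitable for password
				// storage. It is left unchanged because the login code, which is not in this
				// file, must verify the same format; moving to password_hash() /
				// password_verify() has to be done in both places together.
				$set .= ", password = SHA1('$password')";
			}
			$set .= ", permission_posts = '$p1', permission_pages = '$p2', permission_users = '$p3', permission_upload = '$p4'";
			$query = "update jara_users set $set where id = '$id'";

			$result = jara_db_query($query);
			if($result == 0) {
				throw new JaraGeneralException("No information has been changed in the database.");
			}
			else {
				echo "<p>Edited user successfully.</p>";
				jara_page_end();
				exit;
			}
		}
		catch(JaraDatabaseException $ex) {
			// Database error text can echo back parts of the failed statement, so it is
			// HTML-escaped before being written into the page.
?>
	<p>
		A database error occured during the process of creating this page.
	</p>
	<p>
		Error type: <?php echo (($ex->getSqlStage() == 1) ? "MySQL connection error" : "MySQL query error"); ?><br />
		Error message: &quot;<?php echo htmlspecialchars($ex->getSqlMsg(), ENT_QUOTES); ?>&quot; [code <?php echo htmlspecialchars($ex->getSqlCode(), ENT_QUOTES); ?>]
	</p>
<?php
			jara_page_end();
			exit;
		}
		catch(JaraGeneralException $ex) {
?>
	<p>
		A general error occured during the process of creating this page.
	</p>
	<p>
		Error message: &quot;<?php echo htmlspecialchars($ex->getMessage(), ENT_QUOTES); ?>&quot;
	</p>
<?php
			jara_page_end();
			exit;
		}
		exit;
	}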
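	// Render the edit form for one user.
	try {
		// Work on an integer id from here on: the value goes into an HTML attribute and
		// into the SQL text below, and neither place escaped the raw request string.
		// It also keeps the superuser check and the database lookup on the same value.
		$id = (int) $id;
		if($id == 1) {
?>
<p>
	Sorry, you cannot edit the superuser.<br />
	<a href="users.php">Return to user listing</a>
</p>
<?php
			jara_page_end();
			exit;
		}

		// Look the user up before emitting any form markup, so a failed lookup does not
		// leave a half-written <form> in front of the error message.
		$result = jara_db_query("select * from jara_users where id = '$id'");
		if($result->num_rows == 0) {
			throw new JaraGeneralException("The requested user does not exist.");
		}
		$row = $result->fetch_assoc();

		// NOTE(review): the form carries no anti-CSRF token; the handler that receives
		// this POST should verify one.
		// NOTE(review): htmlspecialchars() is called with PHP's default charset - confirm
		// it matches the encoding of the stored usernames.
?>
<form action="edit_user.php" method="post">
<p>
<input type="hidden" name="edit_action" id="edit_action" value="change" />
<input type="hidden" name="id" id="id" value="<?php echo $id; ?>" />
</p>
<h3>User Details</h3>
<p>
New username: <input type="text" name="username" id="username" value="<?php echo htmlspecialchars($row["username"], ENT_QUOTES); ?>" /><br />
New password: <input type="password" name="password" id="password" /><br />
<input type="checkbox" name="set_password" id="set_password" /> Check if you want to change the password of this user
</p>
<h3>Permissions</h3>
<p>
<input type="checkbox" name="permission_posts" id="permission_posts" <?php if($row["permission_posts"] == 1) { ?> checked="checked" <?php } ?>/> Allow access to post-related data<br />
<input type="checkbox" name="permission_pages" id="permission_pages" <?php if($row["permission_pages"] == 1) { ?> checked="checked" <?php } ?>/> Allow access to page-related data<br />
<input type="checkbox" name="permission_users" id="permission_users" <?php if($row["permission_users"] == 1) { ?> checked="checked" <?php } ?>/> Allow access to user-related data<br />
<input type="checkbox" name="permission_upload" id="permission_upload" <?php if($row["permission_upload"] == 1) { ?> checked="checked" <?php } ?>/> Allow access to upload-related data<br />

</p>
<p>
<input type="submit" value="Save" />
</p>
</form>
<?php
	}
	catch(JaraDatabaseException $ex) {
		// Database error text can echo back parts of the failed statement, so it is
		// HTML-escaped before being written into the page.
?>
<p>
A database error occured during the process of creating this page.
</p>
<p>
Error type: <?php echo (($ex->getSqlStage() == 1) ? "MySQL connection error" : "MySQL query error"); ?><br />
Error message: &quot;<?php echo htmlspecialchars($ex->getSqlMsg(), ENT_QUOTES); ?>&quot; [code <?php echo htmlspecialchars($ex->getSqlCode(), ENT_QUOTES); ?>]
</p>
<?php
		jara_page_end();
		exit;
	}
	catch(JaraGeneralException $ex) {
?>
<p>
A general error occured during the process of creating this page.
</p>
<p>
Error message: &quot;<?php echo htmlspecialchars($ex->getMessage(), ENT_QUOTES); ?>&quot;
</p>
<?php
		jara_page_end();
		exit;
	}
	jara_page_end();
?>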
	